I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

survey that found public Wi-Fi usage rose significantly over the last year.

The study, conducted by the by the Identity Theft Resource Center (ITRC), surveyed 377 people and found more than half (57%) used public Wi-Fi hotspots to access confidential work-related information. The online survey was commissioned by Sherman, Conn.-based Private Communications Corporation, a seller of virtual private network (VPN) software.

Public Wi-Fi usage has gone up 240% in the past year, but 44% of respondents weren't aware of a way to protect their information when using a hotspot. In addition, 60% of those surveyed indicated they were either concerned or very concerned about their security when using a public hotspot. Experts have pointed out that the rapid increase in public hotspots is associated with the growing use of smartphones and tablet devices.

Security researchers have demonstrated how easy it is for an attacker to target users of open Wi-Fi hotspots, sniffing unencrypted traffic to view sensitive data, such as email and social networks. A Mozilla Firefox plugin called Firesheep made the attacks more widely available, automating the process of monitoring and analyzing traffic.

A VPN encrypts information traveling between a user's computer and the provider's remote network. Large organizations often provide a VPN to protect employees, typically maintaining a VPN appliance to handle a high load of traffic, but security expert Lisa Phifer, president of Core Competence Inc. in Chester Springs, Pa., said they are useful for companies of all sizes.

Companies have tried other solutions with little success, Phifer said. One example is when an organization prohibits employees from adding new network names to corporate laptops. This technique does not help with employee-owned devices, however, and it is unpopular with employees.

To make sure their employees use the VPN, companies can stop employees from using business services on their personal laptops or mobile devices, unless they log on to a VPN.

Kent Lawson, CEO and founder of Private Communications Corporation, said security experts have been warning about the growing concern of open and often poorly protected Wi-Fi threats.

"People are aware in their tummies that when they use hotspots they're doing something risky," Lawson said. "But they don't know there's a solution."

Lawson said individuals and small businesses can also use a VPN to ensure secure browsing. Critics of personal VPN's say they could slow machines down. Lawson said while the VPN is encrypting and then decrypting information as it travels between a machine and the network, the process runs in the background and does not have a noticeable affect for the ordinary worker using Wi-Fi to surf the Web and check email.

"I would not recommend using a VPN if you're about to download a two-hour HD movie," he said.

Phifer said a VPN can use up battery life faster on smaller devices, but performance of applications on the device is not impacted.

Another complaint with VPNs is that the process of logging on is too time-consuming, Phifer said. In many cases, users have to log on to a hotspot and log on to their VPN before they can access the Internet.

"A great deal of it is because of the expediency," Phifer said of the tendency for users to ignore the fact that they are not protected when using public Wi-Fi. Additionally, Phifer said people do not believe five minutes on a public network will expose them to any harm.

Using HTTPS encryption for protection

Another option for securing information when logged on to public Wi-Fi is to use HTTPS encryption when browsing. Lawson, however, believes using HTTPS does not provide enough security.

"It's spotty. Some sites are secured and some aren't. Some only secure during login," he said.

VPN protection is limited

A VPN only addresses the lack of encryption when using public Wi-Fi, so users need to take further steps to ensure a secure browsing experience, Phifer said. In addition to a VPN, a firewall is important because it protects against others on the network viewing a user's shared files. Users should also be aware of an "evil twin," a fake access point with the same network name of a real access point. While there is not a clean fix for an evil twin, Phifer said users should be aware of where they are connecting.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy